]> git.ipfire.org Git - thirdparty/openvpn.git/commit
projects / thirdparty / openvpn.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 363af65) | patch
auth-token: Ensure tokens are always wiped on de-auth
authorDavid Sommerseth <davids@openvpn.net>
Tue, 28 Mar 2017 20:53:46 +0000 (22:53 +0200)
committerDavid Sommerseth <davids@openvpn.net>
Wed, 29 Mar 2017 10:04:19 +0000 (12:04 +0200)
commitdaab0a9fa8ff4f40e8a34707db0ac156d49fbfcb
treef421a9756b8f650cf0022c6989b4ff43376775c6tree
parent363af65178b8bbb482df958d6570c8763aee5d1dcommit | diff
auth-token: Ensure tokens are always wiped on de-auth

If tls_deauthenticate() was called, it could in some scenarios leave the
authentication token for a session in memory.  This change just ensures
auth-tokens are always wiped as soon as a TLS session is considered
broken.

Signed-off-by: David Sommerseth <davids@openvpn.net>
Acked-by: Steffan Karger <steffan@karger.me>
Message-Id: <20170328205346.18844-1-davids@openvpn.net>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg14344.html
Signed-off-by: David Sommerseth <davids@openvpn.net>
src/openvpn/ssl_verify.c diff | blob | blame | history
Mirror of https://github.com/OpenVPN/openvpn.git